<?php
include('../../include/init.php');
?>

<?php
$username = fs_get_value('username');
$password = fs_sha1(fs_get_value('password'));
$code = fs_get_value('code');
$action = fs_get_value('do');
if($action == "exit"){
	unset($_SESSION['memberinfo']);
	fs_showmsg("退出成功！","index.php");
}
if($code != $_SESSION['randcode']){
	fs_showmsg("验证码不正确！");
	exit();
}
if($username == ''){
	fs_showmsg("用户名不能为空！");
	exit();
}
if($password == ''){
	fs_showmsg("密码不能为空！");
	exit();
}
//验证用户是否存在
$num = $db -> row_count(TABLE_MEMBER,"passport = '".$username."' and password = '".$password."' and state = 1");
if($num == 0){
	fs_showmsg("用户名密码不正确！");
	exit();
}
//验证通过,开始读取用户数据到SESSION
$row = $db -> row_select_one(TABLE_MEMBER,"passport = '".$username."' and password = '".$password."' and state = 1","*","id");
$_SESSION['memberinfo'] = implode('|',$row);

//记录登陆操作
$db->query_unbuffered("update ".TABLE_MEMBER." set logintimes=logintimes+1,lastlogintime='".date("Y-m-d H:i:s",time())."' where passport='".$username."' ");

fs_showmsg("登陆成功！",DIR_ROOT_A."/main/");
?>
